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Claims 

1. A system for providing authentication of data coiiuiiunication over a 
communication link (104) between a client (100) and an agent (102) in 
accordance with an ordinarily insecure network commiimcation protocol, &c 

5 protocol comprising a communal string field for an appliance in the data 

commimication, characterized in that^ a string to be applied once, based on a 
sTiHrrjl sml l)r:rwt:nTi (he clienl and the agent, is adapted to be incoqiorHrril iritti 
the communal string field to be transmitted between the client ond the a^ent 
for autlicntication, wherein the string is determined 1)y a substantially similar 
1 0 algorithm at both the client and the agent based on the shared seed. 

2. A syslx:rn aucurdinj/ lis vAmm 1, wherein a second string adapted to b« applii-:d 
onoe, based on the shared seed, is determined if cither the client or the agent 
has applied the uiicc applied siring once. 

3. A system according to claim 2> wherein the transmitted once applied string of 
IS a tranamitring enrity and The generated once applied string of a receiving 

network entity match for each string calculation round, and any other pair of 
die sti'ings does not fficilx:Ti, wh«r«in ihe client and the ageni c:otnpriKct h 
transmitting network entity and a receiving network entity depending on an 
operational mode of the client and die agent in tlie conununication link« 
20 wherein the roles can be changed. 

4. A {System according Ixi ulHim 1, wherein Ihe shared seed is based un h rarulcim 
nimiber generator and is generated at either one of the client or the agent, and 
communicated to the onCp which did not generate tlie shared seed, 

A system according to any preceding claim, wherein the ordinarily insecure 
25 network communication piotouul ctnripriKcs Sirrijile NeLwtirk Management 

Protocol (SNMP). 

6. A system according to any preceding elaim, wherein the communication link 
( 1 U4) comprises internet. 

7. A system according to any preceding claim, wherein the algorithm generates a 
30 new string to be applied oncc» which string is based on the seed and on a 

secuie randon) logic fiir Iminj; clirncnii /o copy a pallKm or » pluiality of tlie 
Strings. 
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8. A systKin Hc:cauUng to claim 1, wherein the client and the agml remain 
synchronized in an operation loop of currently generated and once applied 
string by an acknowledgement message hetween the ulieiic and die agent 

9. A system according to claim 1, wherein the client or the agent sets an 
5 operalion in accordance with the data communication unaudiorized, if the 

stnng to be applied once, which is transmitted therebetween, does not 
correspond witli a generated stiiiig to he applied mice iifa it:ceiviiig network 
entity, wherein the client and the agent comprise a transmitting network entity 
and the receiving network entity depending on an operational mode of the 
10 client and die agent in the coimnunication link, wherein the roles can be 

changed. 

10. An apparatus (100,102) for providing authentication of data communication 
over a communication link (104) between a client (100,102) and an agent 
(100,102) in accordance with an ordinarily insecure network communication 

15 protocol, the protocol comprising a communal string field for an appliance in 

die data coriiinuniuHiicm, chHraiclerized in that a string to be applied once, 
based on a shared seed between the client and die agent:, is adapted to be 
uicorporated into the ciirnTTiiiuHl siring field to be transmitted between the 
client and the agent for authentioation, wherein the once applied string is 

20 detemiined by a substantially similar algoiidiiii at Imifi ihe client and the agent 

based on the shared seed. 

11. A iiietliod rcir autheniicaiion of data communication over a commimir-HOVm 
link (104) between a transmirtinfi network entity (100,102) and a receiving 
network entity (100,102) in accordance widi an ordinarily insecure network 

25 communication protocol, the protocol comprising a communal string field for 

an appliance in the data conmiunication, characterized in that the method 
comprises the stqjs of: 

establishing a seed at die cither network entity for sharing the seed with the 
one network entity, which did not establish the seed, 

30 sharing the seed widi the one itetwoik entity, wliicli did nut eKtahlish die seed. 

generating a string to be applied once based on the shared seed at both the 
iransrriiliin^ nclwurk entity and the receiving network entity, 
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iiiuorijoiatiiie, al a liHrisniining nclwork. rofily, ihc slririii nihi l:1ie communal 
string field for transmitimg a message in accordance with the ordinarily 
insecure network communication protocol, 

receiving the message at the receiving network entity, 

5 checking the siring of the communal string field of the message for 

correspondence with the string, which is calculated, at the receiving network 
mfiiy, and 

authenticating the message if there is a correspondence between the string of 
the communal string field of the message and the generated string, 

10 1 2. A method accnidiiifj l.n i:l«iTri 1 1 , QirthCT comprising the sltsps of 

generating a second string to be applied once based on tlic shared seed at both 
the transmitdng network entity and the receiving networic entity, 

incorporating, at the tiausuiiltiug nclwork cnliLy, the seooiid string into die 
communal string field for transmitting a second message in accordance with 
15 atxc ordinarily insecure network communication protocol, 

receiving the second message at the receiving network entity, 

checking The second string of the communal string field of the second message 
for correspondence with the second string, which is calculated, at the receiving 
nelwttrk crillly, Hrul 

20 authenticating the second message if there is a correspondence between the 

second string of die communal string field of the second message and the 
generated second string. 

13; A metiiod according to claim 1 i, wherein the transmitting network entity and 
the receiving network entity comprise a client and an agent depending on an 
25 operational mode of the transmitting network entity and the receiving network 

entity in the communication link, wherein the roles can be changed. 
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